Environment

Resolution

Default Issuer : If you have more than one asserting party, which asserting party will be the default for SP-Initiated ? (only one can be set here)

single sign on redirect service location (to be provided by IdP)Which URL to send the SP Authentication request to.Typically this is provided by the IdP. It could be in the metadata file provided already (under SingleLogoutService section)

Send request as Company-Wide issuer What EntityID to send in the authentication request. This needs to match the setup on the customer end. Setting value to No sends the generic value for the datacentre, and Yes sends the value with the company ID. For example, if they setup their system to recognize the SP using “www.successfactors.com” then our authentication request SAML message needs to contain the same value, so we set it to No. If we want to send “www.successfactors.com/CompanyID” then we set it to Yes.

SP Signing certificate needs to be used from Success Factors, otherwise the IDP system might reject the SP initiated login request